Generate iOS signing certificate and provisioning profile

Learn how to generate the signing certificate and mobile provisioning profile files used for signing your iOS app.

  • A signing certificate (.p12 file) is a digital identity used for code signing during the build and archive process.

  • A provisioning profile (.mobileprovision file) authorizes your app to use certain app services and ensures that you’re a known developer developing, uploading, or distributing your app.

For more information, see Apple’s What is app signing?.

Before you start

Only Apple Development certificate can be used by Kobiton. Apple Distribution certificate cannot be used.

Generate a signing certificate

Submit a certificate signing request

On any MacOS device, launch Keychain Access.

From the Keychain Access menu, choose Certificate Assistant, then select Request a Certificate From a Certificate Authority.

launch *Keychain Access*

Enter your email and name, but leave CA Email Address blank. Then choose Saved to disk and select Continue.

Enter your email and name, but leave *CA Email Address* blank. Then choose *Save to disk* and select *Continue*

Select Save to download your .certSigningRequest file.

Select *Save* to download your `.certSigningRequest` file.

Submit the signing request to generate a .cer file

Log into Apple Developer. Under Certificate, IDs & Profiles, select Certificates.

The Certificates option under Certificate, Identifiers and Profiles

Select the plus icon to create a new certificate.

The plus icon to create a new certificate

Choose Apple Development, then select Continue.

Choose *Apple Development*, then select *Continue*

Select Choose File, choose the .certSigningRequest file, then select Continue.

Select *Choose File*, choose the `.certSigningRequest` file, then select *Continue*

Select Download to save the development.cer file to the local machine.

Select *Download* to download your `.cert` file

Generate .p12 file

On the macOS device, launch Keychain Access.

Select the login keychain, select Certificates, then drag and drop the development.cer file into the Certificates page.

Make sure the login keychain is highlighted before you drag and drop the file into Certificates. If another keychain is highlighted instead, such as System, you cannot export the .p12 file.
On your macOS device, launch *Keychain Access*

Right-click the recently imported certificate, then select Export <your-certificate-name>.

Right-click your `.cert` file, then select *Export <your-cert-file>*

Choose the Personal Information Exchange (. p12) file format, then select Save.

Choose the *Personal Information Exchange (.p12)* file format, then select *Save*

Enter a password to protect the certificate. If you don’t want to enter a password, leave the field blank and select OK.

Enter a password to protect the certificate, or leave the fields blank and select *OK*

Input the MacOS administrator password to export the .p12 certificate file. Move the file to the Mac mini host to import it later.

Generate a provisioning profile

Create an identifier

At the Apple Developer resources page, select Identifiers. Select the plus icon to create a new identifier.

The plus icon to create a new identifier

Choose App IDs, then select Continue.

A closeup to Select App ID

Select App as type, then Continue.

A closeup to Select type

Add a description for the app ID. For Bundle ID, choose Wildcard. Input the appropriate Bundle ID into the box according to the use cases below:

  • If you do not use Kobiton re-signing service, input com.mobilelabsinc.*.

  • If you use Kobiton re-signing service and want to install any app, input com.*.

If you are unsure, input com.* as it will work in most cases.
A closeup to choose Wildcard option

When you’re finished, select Continue.

Review the information, then select Register to create the identifier.

A closeup to confirm app ID

Register device UDID

Note down the UDID of all iOS/iPadOS devices you want to host.

At the Apple Developer resources page, select Devices. Choose the plus icon to register new devices.

The plus icon to register new device

Choose iOS, iPadOS, tvOS, watchOS, visionOS for Platform, then enter the device name and UDID to add a single device.

Alternatively, select Download sample files and follow the official instructions to register multiple devices, then upload the file by selecting Choose File.

Select Continue when you are finished.

The register new device screen with options to add single or multiple devices

Review the information and select Register.

The register new device review information screen with the Register button

Generate .mobileprovision file

At the Apple Developer resources page, select Profiles. Choose the plus icon to create a new profile.

Plus icon to create a new Profile

Select iOS App Development under Development, then Continue.

The iOS App Development option under Development

Choose the app ID you created earlier from the dropdown list, then Continue.

The app ID selection dropdown when generating a profile

Choose the certificate you created earlier, then Continue.

The certificate selection dropdown when generating a profile

Choose the devices you registered earlier, then Continue.

The device selection dropdown when generating a profile

Input the Provisioning Profile Name, review the information, then select Generate.

The review profile information screen with the Generate button

Select Download to save the .mobileprovision file. Move the file to the Mac mini host for importing to deviceConnect and deviceShare later.

The download profile screen with the Download button